The hack has happened during the weekend, on Sunday Coinrail announced the cyberheist. Attackers stole over $40M worth of ICO tokens that were maintained in the servers of the exchange.
The company published a data breach notification on its website that currently appears in maintenance mode.
해킹공격시도로 인한 시스템 점검중입니다. 일부코인(펀디엑스,NPXS)이 확인되었으며 추가적인 코인피해가 있는지 여부를 확인중입니다. 추후 자세한 사항은 재공지하겠습니다 / There has been an cyber intrusion in our system. We're confirming it and some coins(Pundi X, NPXS) are confirmed.
— coinrail (@Coinrail_Korea) June 10, 2018
The exchange explained that attackers stole tokens issued during the initial coin offerings (ICOs) of Pundi X (NPXS), NPER (NPER), and Aston (ATX).
“That’s according to a wallet address that has been identified as belonging to the alleged attacker, who also got hold of smaller volumes of a further five tokens from Coinrail.”
South Korea is one of the countries with the highest cryptocurrency trading activity, but Coinrail is one of its smaller exchanges operating over there.
According to coinmarketcap.com, the South Korean exchange ranks in world’s top 90 based on trading volume.
After the discovery of the hack, Coinrail immediately put offline its wallets to secure its cryptocurrency assets, it is currently working with the affected ICO companies to freeze the stolen funds.
Coinrail asked other cryptocurrency exchanges to freeze some of the attacker’s addresses where the coins where transferred.
At the time there is no news about possible compensation for the customers of the exchange, recently Japan’s Coincheck refunded its customers following a cyberheist.
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(Security Affairs – Cryptocurrency Exchange Coinrail, cyberheist)